{"id":6245,"date":"2021-08-06T18:37:19","date_gmt":"2021-08-06T13:07:19","guid":{"rendered":"https:\/\/www.kratikal.com\/blog\/?p=6245"},"modified":"2025-01-22T15:00:29","modified_gmt":"2025-01-22T09:30:29","slug":"perfect-phishing-attack-a-penetration-testers-perspective","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/","title":{"rendered":"Perfect Phishing Attack: A Penetration Tester\u2019s Perspective"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Even if your company uses top-notch security solutions to keep malicious actors at bay, these efforts are half-baked as long as the employees keep clicking phishing links. Cybercriminals know it is easier to manipulate humans than to game technology. Unsurprisingly, the issue has escalated dramatically in light of the<\/span> <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/www.kratikal.com\/blog\/hackers-exploit-the-covid-19-pandemic-for-cyber-scams\/\">COVID-19 crisis<\/a><\/strong><\/span> <span style=\"color: #000000;\">that spawns fears and thus gives attackers an extra advantage in creating \u201cmental payloads\u201d for effective hoaxes.<\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#The_Decoy_for_a_Sure-Shot_Scam\" >The Decoy for a Sure-Shot Scam<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#Book_a_Free_Demo_Call_with_Our_People_Security_Expert\" >Book a Free Demo Call with Our People Security Expert<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#Enter_your_details\" >Enter your details<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#Pentesters_Key_Findings\" >Pentesters\u2019 Key Findings<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#How_to_Stay_Safe_from_Phishing\" >How to Stay Safe from Phishing?<\/a><\/li><\/ul><\/nav><\/div>\n\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Here are some statistics to give you the big picture. According to a<\/span> <span style=\"color: #ff6600;\"><a style=\"color: #ff6600;\" href=\"https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q4_2020.pdf\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"color: #183994;\"><strong>recent APWG study<\/strong><\/span><\/a><\/span>, <span style=\"color: #000000;\">the number of reported phishing attacks doubled during 2020. The average fraudulent wire transfer request is seen in business email compromise (<span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/\"><strong>BEC<\/strong><\/a><\/span>) scams increased from $48,000 in Q3 to $75,000 in Q4 of the year. Verizon says 36% of all confirmed breaches in 2021 involved phishing.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\">One of the best ways to build reliable defenses is to think like a phisher. Penetration testing gives white hats actionable insights into the top tricks that get users on the hook, and this knowledge can form a foundation for security awareness training that works. That said, here is a summary of phishing email elements that play a major role in making the recipient slip up.<\/span><\/p>\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\"><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Decoy_for_a_Sure-Shot_Scam\"><\/span><span style=\"color: #000000;\"><strong>The Decoy for a Sure-Shot Scam<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Generally speaking, every <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/phishing-emails-double-due-to-black-friday\/\"><strong>phishing email<\/strong><\/a><\/span> is geared toward persuading a user to click a booby-trapped link or download a harmful attachment. During a classic pentesting exercise, security professionals send employees messages with a link leading to a credential phishing page or a Microsoft Office document that contains toxic macros.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">In most scenarios, the bait is benign and only allows white hats to track every instance of clicking the link or opening the enclosed file. But sometimes, the trial attack is truer-to-life and the macro-based payload gives researchers remote access to a target computer. Not only does the latter tactic shed light on the recipients\u2019 security hygiene, but it also gives pen-testers an idea of how reliable the organization\u2019s automatic real-time defenses are.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">A hugely important thing on the to-do list of the undercover \u201cphisher\u201d is to make the fraudulent email look as realistic as possible. Its narrative has to fit the context of a specific objective.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">If the attack is aimed at accessing the correspondence of senior management, the ideal message will impersonate a coworker or partner whose status in the business hierarchy is high enough to evoke the would-be victim\u2019s interest and trust.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">If the goal is to gain a foothold in a computer used by an employee from the accounting department, then the email will typically mimic some kind of a financial report or instructions from their boss to check wire transfer credentials.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Most phishing emails pressure users into doing something immediately. This feigned urgency causes the target to lose vigilance and make hasty decisions. Proofreading the email is important, too. Misspellings and other inaccuracies make some employees suspicious, and this can ruin the whole conspiracy in a snap.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_People_Security_Expert\"><\/span>\n                        Book a Free Demo Call with Our People Security Expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\"><span class=\"ez-toc-section\" id=\"Enter_your_details\"><\/span>Enter your details<span class=\"ez-toc-section-end\"><\/span><\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pentesters_Key_Findings\"><\/span><span style=\"color: #000000;\"><strong>Pentesters\u2019 Key Findings<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Most trial phishing campaigns show that employees are more inclined to open email attachments than hand over their sensitive information via a web form. Moreover, some users open these files without a second thought mere moments after receiving the message.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">The most effective email subjects are related to corporate perks such as employee discounts and bonus programs from affiliated businesses. About a third of recipients engage with messages like that in some way. Emails that instruct staff to read new corporate policies and other documents associated with enterprise culture come second.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">The success of the attack increases significantly if it is aligned with current events or breaking news. For instance, the December shopping spree is fertile ground for scams advertising fake promos and freebies. The same period is also ideal for sending files disguised as an updated work schedule for the holidays. The spring of 2020 gained notoriety for massive phishing outbreaks revolving around the coronavirus emergency.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">The more targeted the email is, the higher the chance that does its thing. A little bit of open-source intelligence (OSINT) can reveal enough details to create a spear-phishing message that pulls the right strings. In pentests, personalized emails that zero in on one to three employees often have a 100% success rate. As the range of intended recipients grows, the subject is, obviously, more general and the effectiveness goes down.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Sadly, pentests show that <span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/phishing-awareness-and-simulation\"><strong>phishing awareness<\/strong><\/a><\/span> of most employees remains low despite the unprecedented risks. They often overlook red flags such as unfamiliar senders, requests to disclose credentials, and typos in the domain name of the impersonated company.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Stay_Safe_from_Phishing\"><\/span><span style=\"color: #000000;\"><strong>How to Stay Safe from Phishing?<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">In most cases, it isn\u2019t hard to make phishers frown. Some attacks are sophisticated enough to fly below the radar. One way or another, company executives should keep the following things in mind:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"color: #000000;\">Every employee needs to take email security seriously and think twice before clicking a link or downloading a file that may <span style=\"color: #183994;\"><strong>contain a virus<\/strong><\/span>, even if it looks trustworthy.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\">An organization can\u2019t go wrong with a reliable Secure Email Gateway (SEG) solution that identifies and blocks most phishing emails.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\">Security awareness training for personnel using tools like<\/span> <strong><span style=\"color: #ff6600;\"><span style=\"color: #183994;\">TSAT<\/span><\/span> <\/strong><span style=\"color: #000000;\">is a must.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\">Corporate IT teams should inform employees about the<\/span> <span style=\"color: #183994;\"><strong><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/blog\/phishing-and-pharming\/\" target=\"_blank\" rel=\"noopener\">latest phishing tactics<\/a><\/strong><\/span> <span style=\"color: #000000;\">and rogue email templates currently in rotation.<\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong><span style=\"color: #000000;\">Written By:<\/span> <a href=\"https:\/\/twitter.com\/DavidBalaban1\"><span style=\"color: #183994;\">David Balaban<\/span><\/a><\/strong><\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><div class=\"wp-block-image\">\n<figure class=\"alignright size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"200\" height=\"300\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/me-5-200x300-1.jpeg\" alt=\"\" class=\"wp-image-10624\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">David Balaban is a computer security researcher with over 17 years of&nbsp;<\/span><span style=\"font-weight: 400;\">experience in malware analysis and antivirus software evaluation. David runs <\/span><span style=\"font-weight: 400;\">MacSecurity.net and Privacy-PC.com projects that present expert opinions on&nbsp;<\/span><span style=\"font-weight: 400;\">contemporary information security matters, including social engineering,&nbsp;<\/span><span style=\"font-weight: 400;\">malware, penetration testing, threat intelligence, online privacy, and white hat&nbsp;<\/span><span style=\"font-weight: 400;\">hacking. David has a strong malware troubleshooting background, with a recent&nbsp;<\/span><span style=\"font-weight: 400;\">focus on ransomware countermeasures.<\/span><\/span><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Even if your company uses top-notch security solutions to keep malicious actors at bay, these efforts are half-baked as long as the employees keep clicking phishing links. Cybercriminals know it is easier to manipulate humans than to game technology. Unsurprisingly, the issue has escalated dramatically in light of the COVID-19 crisis that spawns fears and [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":7194,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,43],"tags":[],"class_list":["post-6245","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attacks","category-social-engineering"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Perfect Phishing Attack: Insights from a Penetration Tester<\/title>\n<meta name=\"description\" content=\"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Perfect Phishing Attack: Insights from a Penetration Tester\" \/>\n<meta property=\"og:description\" content=\"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-06T13:07:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-01-22T09:30:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1250\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Dip Jung Thapa\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dip Jung Thapa\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/\"},\"author\":{\"name\":\"Dip Jung Thapa\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/75585994ee4cb3e8b24fe7375dc85ee8\"},\"headline\":\"Perfect Phishing Attack: A Penetration Tester\u2019s Perspective\",\"datePublished\":\"2021-08-06T13:07:19+00:00\",\"dateModified\":\"2025-01-22T09:30:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/\"},\"wordCount\":948,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/Perfect-Phishing-Attack.webp\",\"articleSection\":[\"Cyber Attacks\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/\",\"name\":\"Perfect Phishing Attack: Insights from a Penetration Tester\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/Perfect-Phishing-Attack.webp\",\"datePublished\":\"2021-08-06T13:07:19+00:00\",\"dateModified\":\"2025-01-22T09:30:29+00:00\",\"description\":\"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/Perfect-Phishing-Attack.webp\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/08\\\/Perfect-Phishing-Attack.webp\",\"width\":1250,\"height\":1200,\"caption\":\"Phishing Attack\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/perfect-phishing-attack-a-penetration-testers-perspective\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Perfect Phishing Attack: A Penetration Tester\u2019s Perspective\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/75585994ee4cb3e8b24fe7375dc85ee8\",\"name\":\"Dip Jung Thapa\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_5_1698662450.jpeg\",\"caption\":\"Dip Jung Thapa\"},\"description\":\"Co-Founder &amp; COO at Threatcop\u00a0 Department: Operations and Marketing Dip Jung Thapa, Chief Operating Officer (COO) of Threatcop, a leading cybersecurity company dedicated to enhancing people security management for businesses. With a profound understanding of cybersecurity issues, Dip plays a pivotal role in driving Threatcop's mission to safeguard people's digital lives.\u00a0\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Perfect Phishing Attack: Insights from a Penetration Tester","description":"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/","og_locale":"en_US","og_type":"article","og_title":"Perfect Phishing Attack: Insights from a Penetration Tester","og_description":"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...","og_url":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2021-08-06T13:07:19+00:00","article_modified_time":"2025-01-22T09:30:29+00:00","og_image":[{"width":1250,"height":1200,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp","type":"image\/webp"}],"author":"Dip Jung Thapa","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Dip Jung Thapa","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/"},"author":{"name":"Dip Jung Thapa","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/75585994ee4cb3e8b24fe7375dc85ee8"},"headline":"Perfect Phishing Attack: A Penetration Tester\u2019s Perspective","datePublished":"2021-08-06T13:07:19+00:00","dateModified":"2025-01-22T09:30:29+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/"},"wordCount":948,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp","articleSection":["Cyber Attacks","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/","url":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/","name":"Perfect Phishing Attack: Insights from a Penetration Tester","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp","datePublished":"2021-08-06T13:07:19+00:00","dateModified":"2025-01-22T09:30:29+00:00","description":"One of the best ways to build reliable defenses against phishing is to think like a phisher. Penetration testing gives...","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2021\/08\/Perfect-Phishing-Attack.webp","width":1250,"height":1200,"caption":"Phishing Attack"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/perfect-phishing-attack-a-penetration-testers-perspective\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Perfect Phishing Attack: A Penetration Tester\u2019s Perspective"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/75585994ee4cb3e8b24fe7375dc85ee8","name":"Dip Jung Thapa","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_5_1698662450.jpeg","caption":"Dip Jung Thapa"},"description":"Co-Founder &amp; COO at Threatcop\u00a0 Department: Operations and Marketing Dip Jung Thapa, Chief Operating Officer (COO) of Threatcop, a leading cybersecurity company dedicated to enhancing people security management for businesses. With a profound understanding of cybersecurity issues, Dip plays a pivotal role in driving Threatcop's mission to safeguard people's digital lives.\u00a0"}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/6245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=6245"}],"version-history":[{"count":8,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/6245\/revisions"}],"predecessor-version":[{"id":12198,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/6245\/revisions\/12198"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/7194"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=6245"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=6245"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=6245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}